Set relaxed PK policies for tests with weak DSA keys

2025-09-09 10:19:39 +02:00 · 2025-04-10 13:24:19 +02:00 · 2025-04-10 13:24:19 +02:00 · 148af79794
commit 148af79794
parent 85856567dd
2 changed files with 37 additions and 0 deletions
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/CarolKeySignEncryptRoundtripTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/CarolKeySignEncryptRoundtripTest.java
@ -9,6 +9,8 @@ import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import java.io.IOException;

 import org.junit.jupiter.api.Test;
+import org.pgpainless.PGPainless;
+import org.pgpainless.policy.Policy;
 import sop.ByteArrayAndResult;
 import sop.DecryptionResult;
 import sop.EncryptionResult;
@ -275,6 +277,17 @@ public class CarolKeySignEncryptRoundtripTest {

    @Test
    public void regressionTest() throws IOException {
+        // PGPainless default API is strict
+        PGPainless strictAPI = PGPainless.getInstance();
+        PGPainless relaxedAPI = new PGPainless(
+                strictAPI.getImplementation(),
+                // BSI policy allows DSA
+                strictAPI.getAlgorithmPolicy().copy()
+                        .withPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy())
+                        .build()
+        );
+        PGPainless.setInstance(relaxedAPI);
+
        SOPImpl sop = new SOPImpl();
        byte[] msg = "Hello, World!\n".getBytes();
        ReadyWithResult<EncryptionResult> encryption = sop.encrypt()
@ -294,5 +307,7 @@ public class CarolKeySignEncryptRoundtripTest {
        VerificationListAssert.assertThatVerificationList(decryption.getResult().getVerifications())
                .hasSingleItem()
                .issuedBy("71FFDA004409E5DDB0C3E8F19BA789DC76D6849A", "71FFDA004409E5DDB0C3E8F19BA789DC76D6849A");
+
+        PGPainless.setInstance(strictAPI);
    }
 }
--- a/pgpainless-sop/src/test/java/sop/testsuite/pgpainless/operation/PGPainlessEncryptDecryptTest.java
+++ b/pgpainless-sop/src/test/java/sop/testsuite/pgpainless/operation/PGPainlessEncryptDecryptTest.java
@ -4,8 +4,30 @@

 package sop.testsuite.pgpainless.operation;

+import org.pgpainless.PGPainless;
+import org.pgpainless.policy.Policy;
+import sop.SOP;
 import sop.testsuite.operation.EncryptDecryptTest;

+import java.io.IOException;
+
 public class PGPainlessEncryptDecryptTest extends EncryptDecryptTest {

+    @Override
+    public void encryptDecryptRoundTripCarolTest(SOP sop) throws IOException {
+        // Carols key is DSA, which is rejected by PGPainless default policy now.
+        // Therefore, we need to set a relaxed PGPainless API instance, allowing DSA keys.
+        PGPainless strictAPI = PGPainless.getInstance();
+        PGPainless relaxedAPI = new PGPainless(
+                strictAPI.getImplementation(),
+                strictAPI.getAlgorithmPolicy().copy()
+                        .withPublicKeyAlgorithmPolicy(Policy.PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy())
+                        .build());
+        PGPainless.setInstance(relaxedAPI);
+
+        super.encryptDecryptRoundTripCarolTest(sop);
+
+        PGPainless.setInstance(strictAPI);
+    }
+
 }